Is it possible to set the multisession CD so that it uses an encrypted file system?

I managed this on my USB stick and it worked fine (obviously for pup001). Now with the CD I would like to have some degree of privacy in case I lose it somewhere, so any files burned onto the CD are secure.

Maybe some smart cooky could make a batch file to encrypt the days files
and then decrypt at the start of the session . . .

Quote:

# bcrypt
Usage is: bcrypt -[orc][-sN] file1 file2..
-o Write output to standard out
-r Do NOT remove input files after processing
-c Do NOT compress files before encryption
-sN How many times to overwrite input files with random data

That's a good point. At present, theoretically, anyone can read anything on your CD.

After giving it about 30 seconds of thought, here's what I came up with: an encryption program, perhaps a DotPup, would be used encrypt files on a file-by-file basis before they were saved to the CD. It would be unnecessary, and probably difficult, to encrypt the entire contents of the CD. An encryption program which encrypts only individual files as required would be easier to make and to use.

You'd have to know to start the decryption program and enter the password first or all you'd see when you clicked on the encrypted file would be garbage.

Perhaps the scheme could include the ability to prompt you to encrypt a plain language file before saving it.

Such an encryption scheme wouldn't be 'transparent' (automatic or always operating in the background) but it would be easy to use and would serve the purpose.

For me there are a couple of questions:
1. Is it better to bcrypt the iso or the files themselves?
2. When reading the sequentially the backups, is there a way to only input the password once?

I guess if you have different passwords for different increments, it would allow you to load or not load certain backups.

I am also toying with encrypted volumes. Not had any success in puppy yet (have on ubuntu and fedora) but there must be a way through the loopback as you used to be able to encrypt pup001. This would allow you to create a volume on another pc and then simply burn the encrypted volume to the multisession disk (- theoretically giving me all my normal PC's files in a secure lump). This is obviously static and cannot be written to, but it would still be useful. Both would be excellent.

Well, Lobster is the one who answered your question. All I did was shoot my mouth off.

Quote:

For me there are a couple of questions:
1. Is it better to bcrypt the iso or the files themselves?

I don't see how the iso could be encrypted, practically speaking, since decrypting it would require a program running within an OS of some kind. Anyway, why encrypt the OS? It's already available for anyone to download. Just encrypt the files you don't want anyone else to see. If you lose the CD, all anyone can see without the password is a bunch of garbage if they click on the encrypted file. If nothing prompts for a password, and the file extension doesn't give it away, the thief might not even realize that the garbage was an encrypted file.

Quote:

2. When reading the sequentially the backups, is there a way to only input the password once?

There is no need to do anything with the puppy iso. If they can't give the password for the increments, then they would get a raw system with no private data.

Maybe that's why multisession Puppy never worked for me. Do you mean ms Puppy encrypts the pup001 file by default? If so I missed it asking me for a password when I shut it down for the first time and that's why it doesn't boot with the saved data.

Maybe that's why multisession Puppy never worked for me. Do you mean ms Puppy encrypts the pup001 file by default? If so I missed it asking me for a password when I shut it down for the first time and that's why it doesn't boot with the saved data.

No. It doesn't on multisession, just on the usb or hard drive version.

Lobster - haven't looked at tinylogin but will do so now. That might be the way to go with a completely encrypted disk - which is not ideal in my view.

The easiest way would be to encrypt the incrementals.

Barry, if you read this, can you let me know what you used on the usb versions of pup001 to encrypt them?

I have ideas, but I'm really struggling. If someone could work with me who is better at scripting than me, we could possibly move it forward.

I think that the way to do it is this:
1. All the identified changed files (as per the shutdown-script in rc.reboot-cd) could be tar 'd into a single file (perhaps named in the same way using the date and time system that the normal incremental back-ups use).
2. That file could then be bcrypted
3. and finally the encrypted file sent to mkisofs and burned to CD.

4. On start-up, the script would need to try to read either unencrypted folders (the usual back-up files) and any bcrypted files (or even both).

The bcrypted files would need to be decrypted into ram and then the resultant tar'd file, untarred.

I can see the process, but I'm lacking the ability to get it to work.

Hopefully someone out there will have the ability.......

I know this isn't really solid security - on line you are vulnerable, if it uses swap, or even if you leave it on and go off for a coffee it isn't safe, but it would solve the problem of leaving it on the bus and having all your emails and files readable by anyone who finds it.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forumYou cannot attach files in this forumYou can download files in this forum